2017年1月31日火曜日

SSL Setting


I checked the SSL setting of my server. The result was "A +". I will enumerate points devised by setting.



/etc/apache2/sites-enabled/default-ssl.conf

Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"

SSLProtocol ALL -TLSv1 -SSLv2 -SSLv3

SSLHonorCipherOrder on
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!RC4:!DES:!DH:

時刻:

fd-find

 $ sudo apt install fd-find $ fdfind 石